Unit 1 - Notes

CSC104

Unit 1: Windows Operating System Fundamentals and Architecture

1. Introduction to the Windows Operating System

Windows is a graphical operating system developed by Microsoft. It allows users to view and store files, run software, play games, watch videos, and connect to the internet. It is the dominant OS for personal computers (PCs).

Key Characteristics

  • Graphical User Interface (GUI): Uses icons, windows, and menus rather than text-based commands.
  • Multitasking: Capable of running multiple applications simultaneously.
  • Plug and Play (PnP): Automatically detects and configures hardware devices.
  • Multi-user: Supports multiple user profiles on a single machine with unique settings and permissions.

Windows Editions and Versions

It is crucial to distinguish between a version (the generation of the OS) and an edition (the feature set within that generation).

Versions (Generational Releases)

  • Windows XP/7/8: Legacy versions.
  • Windows 10: Introduced "Windows as a Service" (continual updates).
  • Windows 11: Current standard with updated UI and security requirements (TPM 2.0).

Editions (Feature Tiers)

  • Windows Home: Designed for consumers. Includes standard apps (Edge, Mail). Lacks domain join capabilities and BitLocker (usually).
  • Windows Pro: Designed for small businesses and enthusiasts. Includes BitLocker (encryption), Hyper-V (virtualization), and Domain Join (Active Directory support).
  • Windows Enterprise: For large organizations. Includes AppLocker, BranchCache, and advanced deployment tools. Available via Volume Licensing.
  • Windows Server: Optimized for network services (DNS, DHCP, Web Hosting). Prioritizes background tasks over user interface.

2. User Interface and System Navigation

The Desktop Environment

  • Desktop: The main workspace containing shortcuts and the Recycle Bin.
  • Taskbar: Located at the bottom (usually); houses the Start button, pinned apps, active programs, and the System Tray (notification area).
  • Start Menu: The central launchpad for applications, settings, and power options.

Configuration Hubs

Windows has two primary areas for system configuration:

  1. Settings App (Modern UI): The primary interface in Windows 10/11 for display, sound, Windows Update, and personalization.
  2. Control Panel (Legacy UI): Contains advanced administrative tools (e.g., Network and Sharing Center, Administrative Tools).

3. File System Hierarchy

Windows uses a hierarchical directory structure. The way data is stored on the disk depends on the File System.

FAT32 vs. NTFS

| Feature | FAT32 (File Allocation Table 32) | NTFS (New Technology File System) |
|---|---|---|
| Max File Size | 4 GB | 16 Exabytes (Theoretical) |
| Max Volume Size | 32 GB (Windows limit) / 2 TB | 256 TB |
| Security | None (No file permissions) | ACLs (Access Control Lists) for permissions |
| Reliability | Prone to corruption on crash | Journaling (Logs changes to recover from crashes) |
| Features | High compatibility (Mac/Linux/USB) | Encryption (EFS), Compression, Quotas |
| Usage | USB Drives, Legacy systems | System Drives (C:), Internal HDDs |

Critical System Folders

  • C:\ (Root Directory): The top of the hierarchy.
  • C:\Windows: Contains operating system files (Kernel, drivers, libraries). Do not modify manually.
  • C:\Program Files: Installation directory for 64-bit applications.
  • C:\Program Files (x86): Installation directory for 32-bit applications (only on 64-bit OS).
  • C:\Users: Contains user profiles (Desktop, Documents, AppData for each user).

Environment Variables

Environment variables are dynamic named values that can affect the way running processes will behave on a computer.

  • System Variables: Global settings (e.g., %OS%, and %PATH%, which tells Windows where to look for executable files).
  • User Variables: Specific to the currently logged-in user.
  • Access: Right-click This PC > Properties > Advanced System Settings > Environment Variables.
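
The System/User split and the role of %PATH% can also be inspected from PowerShell (covered in section 8). The script below is an added example, not part of the original notes; it only reads settings, and ipconfig.exe is used purely as a sample command to resolve.

```powershell
# Added example (read-only): list PATH entries by scope and show how a command resolves.

# System ("Machine") and User variables are stored separately; a process sees both merged.
$entries = foreach ($scope in 'Machine', 'User') {
    $raw = [Environment]::GetEnvironmentVariable('Path', $scope)
    if (-not $raw) { continue }
    foreach ($item in $raw.Split(';')) {
        $dir = $item.Trim()
        if (-not $dir) { continue }                  # skip empty segments left by ";;"
        # Expand any remaining %VARIABLE% references before testing the directory.
        $expanded = [Environment]::ExpandEnvironmentVariables($dir)
        [pscustomobject]@{
            Scope  = $scope
            Entry  = $dir
            Exists = Test-Path -LiteralPath $expanded -PathType Container
        }
    }
}
$entries | Format-Table -AutoSize

# Stale entries (directory no longer exists) are candidates for cleanup.
$entries | Where-Object { -not $_.Exists } | Format-Table -AutoSize

# Duplicate entries, compared case-insensitively and ignoring a trailing backslash.
$entries |
    Group-Object { $_.Entry.TrimEnd('\').ToLower() } |
    Where-Object Count -gt 1 |
    Select-Object Count, Name | Format-Table -AutoSize

# PATH directories are searched in order; -All lists every match in precedence order,
# so the first row is the file that actually runs when "ipconfig" is typed.
Get-Command -Name ipconfig.exe -All | Select-Object Name, Source | Format-Table -AutoSize
```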

4. Windows Architecture Overview

Windows operates on a Dual-Mode Architecture to ensure stability and security.

1. User Mode (Ring 3)

  • Where applications (Word, Chrome) and user interface components run.
  • Isolated from the hardware. If an app crashes in User Mode, it typically does not crash the entire OS.
  • Subsystems: Environment subsystems (Win32) translate app requests into kernel calls.

2. Kernel Mode (Ring 0)

  • The core of the operating system with unrestricted access to system memory and external devices.
  • The Kernel (ntoskrnl.exe): The "brain" that manages CPU scheduling, memory management, and I/O requests.
  • HAL (Hardware Abstraction Layer): A layer of code that hides hardware complexities from the kernel. It allows the same OS kernel to run on different hardware (e.g., Intel vs. AMD).
  • Drivers: Software components that let the OS communicate with specific hardware (Graphics card, Printer). Drivers mostly run in Kernel mode; a bad driver can cause a BSOD (Blue Screen of Death).

Windows Services

  • Background processes that run without a user interface.
  • Examples: Windows Update, Print Spooler, DHCP Client.
  • Management Tool: services.msc.

5. Managing Processes, Threads, and Memory

Task Manager

Accessed via Ctrl + Shift + Esc or Ctrl + Alt + Del.

  • Processes Tab: Shows running apps and background processes. Allows users to "End Task" (force quit).
  • Performance Tab: Real-time graphs for CPU, Memory (RAM), Disk, and Network usage.
  • Startup Tab: Manages programs that launch automatically when Windows boots.

Resource Monitor (resmon)

Provides a more granular view than Task Manager.

  • Disk: Shows exactly which files are being read/written by which process.
  • Network: Shows active TCP connections and listening ports.

Key Concepts

  • Process: An instance of a computer program that is being executed. It contains the program code and its current activity.
  • Thread: A basic unit of CPU utilization. A single process can contain multiple threads (Multi-threading) to perform tasks in parallel.
  • Memory (RAM):
    • Physical Memory: Actual RAM sticks installed.
    • Virtual Memory (Pagefile): Uses the hard drive as temporary RAM when physical RAM is full (pagefile.sys).
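
The relationship between services, processes, threads, and memory can be seen in one table from PowerShell (covered in section 8). This is an added example, not part of the original notes; it is read-only and uses the built-in Win32_Service CIM class and Get-Process.

```powershell
# Added example (read-only): map running services to the processes that host them,
# with each process's thread count and memory use.

$services = Get-CimInstance -ClassName Win32_Service -Filter "State = 'Running'"

$report = foreach ($group in $services | Group-Object -Property ProcessId) {
    # Several services can share one host process (for example svchost.exe).
    $proc = Get-Process -Id $group.Name -ErrorAction SilentlyContinue
    if (-not $proc) { continue }          # process exited between the two queries

    [pscustomobject]@{
        Id           = $proc.Id
        Process      = $proc.ProcessName
        Threads      = $proc.Threads.Count                               # threads inside this one process
        WorkingSetMB = [math]::Round($proc.WorkingSet64 / 1MB, 1)        # physical RAM currently in use
        PagedMB      = [math]::Round($proc.PagedMemorySize64 / 1MB, 1)   # memory that can be paged to pagefile.sys
        Services     = ($group.Group.Name | Sort-Object) -join ', '
    }
}

# Largest consumers of physical memory first.
$report |
    Sort-Object WorkingSetMB -Descending |
    Select-Object -First 15 |
    Format-Table -AutoSize -Wrap
```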

6. System Information and Logs

System Information (msinfo32)

A comprehensive tool to view hardware resources, components, and the software environment.

  • System Summary: BIOS Version/Date, Secure Boot State, Total Physical Memory.
  • Hardware Resources: IRQs, DMA, and Memory addresses (useful for troubleshooting hardware conflicts).

Event Viewer (eventvwr.msc)

A centralized log of all significant system events.

  • Windows Logs:
    1. Application: Events logged by programs (e.g., Outlook crashing).
    2. Security: Audit logs (e.g., valid/invalid login attempts), recorded as Audit Success or Audit Failure.
    3. System: Events logged by Windows system components (e.g., Driver failure, Service stopped).
  • Event Levels:
    • Information: Normal operation.
    • Warning: Potential issue in the future (e.g., Low disk space).
    • Error: A problem has occurred.
    • Critical: Immediate failure (e.g., Kernel power loss).
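
The same logs and levels can be queried from PowerShell (covered in section 8) with Get-WinEvent. This is an added example, not part of the original notes; event IDs 4624 and 4625 are the standard Windows logon success and failure IDs, and the 24-hour window and 5000-event cap are arbitrary choices.

```powershell
# Added example (read-only). Run from an elevated PowerShell prompt:
# the Security log is readable only by administrators.
$since = (Get-Date).AddHours(-24)

# System log, filtered by event level: 1 = Critical, 2 = Error, 3 = Warning, 4 = Information.
Get-WinEvent -FilterHashtable @{ LogName = 'System'; Level = 1, 2; StartTime = $since } `
             -ErrorAction SilentlyContinue |
    Group-Object ProviderName, LevelDisplayName |
    Sort-Object Count -Descending |
    Select-Object Count, Name -First 10 | Format-Table -AutoSize

# Security log: 4624 = successful logon (Audit Success), 4625 = failed logon (Audit Failure).
$logons = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4624, 4625; StartTime = $since } `
                       -MaxEvents 5000 -ErrorAction SilentlyContinue

$rows = foreach ($e in $logons) {
    # Named fields live in the event XML under EventData/Data.
    $data = @{}
    foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }

    [pscustomobject]@{
        Time      = $e.TimeCreated
        Result    = if ($e.Id -eq 4625) { 'Audit Failure' } else { 'Audit Success' }
        Account   = $data['TargetUserName']
        LogonType = $data['LogonType']
        Source    = $data['IpAddress']
    }
}

# Totals per result, then the accounts and sources with the most failed logons.
$rows | Group-Object Result | Select-Object Count, Name | Format-Table -AutoSize

$rows | Where-Object Result -eq 'Audit Failure' |
    Group-Object Account, Source |
    Sort-Object Count -Descending |
    Select-Object Count, Name -First 10 | Format-Table -AutoSize
```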

7. The Windows Registry

The Registry is a hierarchical database used to store low-level settings for the OS and applications.

  • Access Tool: Registry Editor (regedit).
  • Warning: Improperly editing the registry can corrupt the OS.

Registry Structure

The registry is organized into Hives, Keys, and Values.

The 5 Root Hives (HKEY)

  1. HKEY_CLASSES_ROOT (HKCR): Stores file association types (e.g., linking .docx to Microsoft Word).
  2. HKEY_CURRENT_USER (HKCU): Contains configuration data for the user currently logged in (colors, control panel settings).
  3. HKEY_LOCAL_MACHINE (HKLM): Settings specific to the computer hardware and software, regardless of who is logged in. This is the most critical hive.
  4. HKEY_USERS (HKU): Contains the profiles of all users loaded on the computer. HKCU is actually a sub-key of this hive.
  5. HKEY_CURRENT_CONFIG (HKCC): Information about the hardware profile being used by the local computer at startup.

Data Types

  • REG_SZ: A text string.
  • REG_DWORD: A 32-bit number (0 or 1 is often used for On/Off).
  • REG_BINARY: Raw binary data.
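
The hives and data types above can be examined without regedit, using PowerShell (covered in section 8). This is an added example, not part of the original notes; it is read-only, and the three value names are assumed to exist under the chosen key on Windows 10/11 (any that are missing are skipped).

```powershell
# Added example (read-only): registry data types, and HKCU as a view into HKEY_USERS.

# 1. One HKLM key, three values, three data types.
$key = Get-Item -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'

$values = foreach ($name in 'ProductName', 'CurrentMajorVersionNumber', 'DigitalProductId') {
    if ($key.GetValueNames() -notcontains $name) { continue }   # value not present on this build
    $kind  = $key.GetValueKind($name)   # String = REG_SZ, DWord = REG_DWORD, Binary = REG_BINARY
    $value = $key.GetValue($name)
    if ($kind -eq 'Binary') { $value = "<$($value.Length) bytes>" }   # summarize instead of dumping raw bytes
    [pscustomobject]@{ Name = $name; Kind = $kind; Value = $value }
}
$values | Format-Table -AutoSize

# 2. HKCU is the current user's subkey of HKEY_USERS, named after the user's SID.
$sid     = [System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value
$hkuPath = "Registry::HKEY_USERS\$sid"

$fromHkcu = (Get-ChildItem -Path 'HKCU:\' -ErrorAction SilentlyContinue).PSChildName
$fromHku  = (Get-ChildItem -Path $hkuPath -ErrorAction SilentlyContinue).PSChildName

[pscustomobject]@{
    UserSid         = $sid
    HkuSubkeyExists = Test-Path -Path $hkuPath
    # Compare-Object returns nothing when both lists hold the same subkey names.
    SameSubkeys     = -not (Compare-Object -ReferenceObject $fromHkcu -DifferenceObject $fromHku)
} | Format-List
```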

8. Introduction to Command-Line Tools

Administrators often use the command line for efficiency and automation.

Command Prompt (CMD)

The legacy command-line interpreter.

  • Navigation:
    • cd (Change Directory)
    • dir (List contents of directory)
  • File Management:
    • mkdir (Make directory)
    • copy / xcopy / robocopy (Copy files)
  • Networking:
    • ipconfig (View IP address)
    • ping (Test connectivity)
  • System:
    • sfc /scannow (System File Checker - repairs OS files)
    • chkdsk (Check Disk - repairs file system errors)

PowerShell

A modern, cross-platform task automation and configuration management framework. It is more powerful than CMD and is object-oriented.

  • Syntax: Uses Cmdlets (pronounced "command-lets") in a Verb-Noun format.
  • Examples:
    • Get-Process (Lists running processes - equivalent to Task Manager).
    • Get-Service (Lists status of services).
    • Get-Help (Shows manual for a command).
  • Scripting: Scripts are saved as .ps1 files.
  • ISE: PowerShell Integrated Scripting Environment allows for writing and debugging scripts.